11 Ways to Enhance Android Security

It should come as no surprise that hackers are always trying to get ahead of security developers, just as it should be no surprise that these hackers often target the Android operating system. After all, the Android OS is used on mobile devices all over the world. If your business leverages these devices, there are quite a few security considerations you need to keep in mind.

Remember Security BasicsThere are multiple ways to help your mobile security that take relatively little effort on your part. If you aren’t already in the habit, get used to locking your device whenever it isn’t in use. To unlock your device, you should require a PIN at the very least, and leverage biometric authentication whenever possible. This will help to keep your phone secured if it should be lost or stolen in public.

Use Google Play to Keep Your Devices OrganizedWhenever you download an application from the Google Play Store, you are given the option to install the app on any device associated with your Google account. This list is also used to locate a misplaced device. You can help to make this easier by renaming your devices to differentiate between them more easily. Should you need to remove a device from your list, all you have to do is uncheck the box labelled Show in Menus.

Make Sure Your Trusted Devices are UpdatedEvery device you access your Google account with is automatically added to a list of trusted devices. You should make sure that this list only has devices on it that you know and trust. If there is a device that is unfamiliar on this list, you should remove it and change your password immediately. To check which devices have access to your Google account, visit https://myaccount.google.com/device-activity.

Finding a Lost DeviceIn the event that your device is misplaced, Google has a solution that you can leverage to find it more easily by taking a few proactive measures. First, open up your Android device’s Settings and find the Google option. From there, select Security and activate the Find My Device setting. While in settings, you should also confirm that your Location settings are activated so that Find My Device will work properly. You can even use the web version of Find My Device to make your lost device ring and help to find it.

Leverage Google’s Security CheckIf you ever suspect that your Google account is vulnerable to access by unauthorized parties, the web giant provides a security checker that evaluates your preparations. This tool can be found here: https://myaccount.google.com/security-checkup.

Review the Passwords Saved to Smart LockOne of Google’s features is a handy one, but could foreseeably create some difficulties in the future. Smart Lock will save the credentials you use to access different accounts with the device. However, you should periodically check and be sure that the passwords are properly updated to avoid issues when you try to access your saved accounts.

Connect with CautionWhile it can be handy to connect an app to your Google account, this isn’t a permission you should grant willy-nilly. Some apps will only be needed once or twice, and others will become a tool you regularly use. If you no longer have use for an app, it is best that you remove it from your account. After all, the more connections your account has, the more vulnerable it is to attack. You can edit your account permissions by visiting https://myaccount.google.com/permissions.

Be Discerning When Downloading AppsEven the Google Play Store can have a threatening application available, despite the best efforts to screen out such apps. As a result, you should be sure to only download applications from the Play Store, and even then, consider each app and its permissions before adding it to your device.

Leverage Android’s App-Scanning CapabilitiesAndroid has a security scanning feature built in, eliminating the need to download a third-party app to accomplish the same thing. In Settings, access Security & Location. Under Google Play Protect, make sure that Scan device for security threats is selected. Your device will now periodically run automatic scans in the background for threats, only notifying you if an issue is discovered.

Reinforcing with Third-Party AppsDespite the incorporation of Android’s security scanning capabilities, it may not hurt to add additional protections. A trusted IT provider will be able to recommend solutions that you can rely on to protect your devices.

Incorporating 2FA2FA, or Two-Factor Authentication, is another excellent way to keep others from accessing your accounts. With a solution like Google Authenticator or many others, a single-use code will be generated that is a necessary credential along with your username and password. You’ll want to lean on your IT provider to ensure you have a trustworthy 2FA solution that meets a business’ needs.

If you want to learn more about mobile security, or any other IT topic, lean on the resources at Infradapt. We’re available at 800.394.2301.

About the author

John Reilly is Managing Partner at Infradapt, LLC. Prior to joining Infradapt, he was the President of Vital IT Solutions, Inc., where among other roles, he developed a methodology and approach for performing risk and compliance assessments.

Prior to Infradapt, Mr. Reilly founded Vital IT Solutions, Inc., Mr. Reilly worked with Expanets, Inc., as a Senior Converged Account Executive, specializing in VoIP and Security, and a Subject Matter Expert (SME) on HIPAA. His Expanets’ achievements included national Sales awards including Millionaire’s Club and pioneering VoIP deployments for regional clients.

Mr. Reilly also has direct work experience in the banking industry, where he worked in Sales and Management, and in manufacturing, where he worked as an Accountant. John earned his BS in Accounting at Gwynedd-Mercy College, while also studying Negotiation, Decision Making, and Creative Problem Solving. He holds a SANS GIAC security certification and is a member of the Philadelphia Chapter of InfraGard.